The aws
provider enables configuration of the
Terraform AWS Provider.
provider:
aws:
assume_role:
external_id: "EXTERNAL_ID"
role_arn: "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME"
session_name: "SESSION_NAME"
endpoints:
dynamodb: "http://localhost:4569"
s3: "http://localhost:4572"
region: "us-west-2"
tags:
Owner: "Dev Team A"
Environment: "production"
Setting | Type | Default | Description |
---|---|---|---|
access_key |
String | AWS_ACCESS_KEY_ID environment variable
or
AWS shared credentials file, must specify
profile |
AWS access key ID |
allowed_account_ids |
String | None | List of allowed, white listed, AWS account IDs |
assume_role |
Object | None | ARN role that Terraform will attempt to assume |
endpoints |
Object | None | Configuration block for customizing service endpoints |
forbidden_account_ids |
String | None | List of forbidden, blacklisted, AWS account IDs |
insecure |
Boolean | false |
Allows insecure SSL requests |
max_retries |
String | None | Maximum number of times an API call is retried |
profile |
String | None | Profile name in the AWS shared credentials file |
region |
String | AWS_DEFAULT_REGION environment variable
or
AWS shared credentials file, must specify
profile |
Region to use for provisioning resources |
secret_key |
String | AWS_SECRET_ACCESS_KEY environment variable
or
AWS shared credentials file, must specify
profile |
AWS secret access key |
shared_credentials_file |
String | “~/.aws/credentials” | Path to the shared credentials file |
skip_credentials_validation |
Boolean | false |
Skips the credentials validation via the STS API |
skip_get_ec2_platforms |
Boolean | false |
Skips getting the supported EC2 platforms |
skip_region_validation |
Boolean | false |
Skips validation of the provided region name |
tags |
Object(key-value pairs) | None | Key-value pairs to assign to every resource that supports tagging |
token |
String | AWS_SESSION_TOKEN environment variable | Session token for validating temporary credentials |